Comments on: Win32/Flamer: the 21st Century Whale http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: David Harley http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-859 Mon, 04 Jun 2012 18:57:26 +0000 http://blog.eset.com/?p=12986#comment-859 The screenshot in the post already says:
“Clean – Recommended.
The object contains a possible threat for your system. This option will completely remove possible threat from your system.”

]]>
By: Larry Constantine (Lior Samson) http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-858 Mon, 04 Jun 2012 16:46:46 +0000 http://blog.eset.com/?p=12986#comment-858 "Endpoint security" like the much-touted "air gap" is an illusion. In any real installation there are far too many endpoints, too much in flux. With highly adaptable, configurable malware in the wild, if somebody wants in badly enough, they can get in. With Stuxnet, DuQu, and now Skywiper/Flamer, we have been distributing free courseware in software engineering for malicious purposes, complete with a well-equpped laboratory supplied with sample code and templates. These are all just pre-war skirmishes with small arms compared to what is on the drawing table.
–Larry Constantine (Lior Samson)

]]>
By: Kawther http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-857 Sun, 03 Jun 2012 09:01:34 +0000 http://blog.eset.com/?p=12986#comment-857 Thanks, it is so inresting topic.
You mentioned here the detection of the virus and you gave snapshot about the detection and you didn’t mention the cleaning of it for NOD32 and Smart Security. Could you please confirm the ability of cleaning with snapshot?
thanks in advance 
BR

]]>
By: Stephen Cobb http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-856 Tue, 29 May 2012 17:25:45 +0000 http://blog.eset.com/?p=12986#comment-856 The fuss about Flamer will be worthwhile IF the result is broader corporate and consumer awareness that a. much malware today is both complex and modular with a wide range of espionage capabilities, and b. good endpoint security offers good defense against these threats.

The RAT examples that Cameron and I showed at our presentations during Interop certainly drew a lot of eyeballs from IT progressionals who clearly needed to revise their perceptions about the state of malware, or revise the perceptions of their users and management (for that purpose the recorded version is freely available here).

Many computer users just don't realize (yet) that there is plenty of malware out there that can do things like turn on your webcam and microphone, and do yet more nasty things if they are updated with fresh modules by the botmaster. This may sound like rare and exotic stuff but we know it is not. I think it is worth noting that one of the most prolific spam-sending botnets, Win32/Festi, is modular in design, as detailed at length in the recent ESET whitepaper on Festi. The good news is that proper implementation of sound endpoint security can provide a strong defense against these complex threats.

]]>
By: David Harley http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-855 Tue, 29 May 2012 11:39:17 +0000 http://blog.eset.com/?p=12986#comment-855 We used to dream of living in a sandbox. ;-)

]]>
By: Graham Cluley http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-854 Tue, 29 May 2012 11:24:24 +0000 http://blog.eset.com/?p=12986#comment-854 Ha.. I love that you are making the comparison to the classic “Whale” virus.

I had the same thought myself, but hadn’t committed it to keyboard. I’m not sure anyone ever fully understood the intricacies of “Whale”… Here we are over 20 years later and it’s still a mystery..

Kids today etc..

]]>
By: David Harley http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-853 Tue, 29 May 2012 10:13:56 +0000 http://blog.eset.com/?p=12986#comment-853 Thanks. The link you gave us was stripped automatically by the CMS, but I think the link I’ve added should now work correctly.

]]>
By: Maher Researcher http://www.welivesecurity.com/2012/05/29/flamer-the-21st-century-whale/#comment-852 Tue, 29 May 2012 10:02:18 +0000 http://blog.eset.com/?p=12986#comment-852 just to mention, you’re link to Maher article is not correct, this is the correct one:

]]>